linux - TCP socket performance
2014-04
There are three Linux Debian machines connected via a Gigabit Ethernet router:
- Server machine A, which is the source of HTTP streaming traffic with bandwidth 300 KBps.
- Proxy machine B, which is connected to server machine A, performs several calculations and bypasses slightly modified traffic to its clients. All these operations are performed by one application in one thread with the use of libevent.
- Client machine C, which is connected to proxy machine B with 32 curl clients.
So proxy machine B handles all connections (1 AB connection and 32 BC connections) in one thread.
There is an issue. HTTP traffic between machines A and B gets stuck regularly for one half to several seconds. Symptoms:
- According to netstat, the Send-Q of machine A does not change on stuck reproduction.
- According to IOCTL(FIONREAD), there are no bytes in the input queue for the application on proxy machine B.
- According to tcpdump and wireshark (tcpdumps from both machines A and B), I see TCP Retransmission on both machines A and B and TCP Dup ACK on machine B only.
It may be significant: all three machines are server machines. According to iftop and htop there is a lot of room in CPU, memory and network utilization.
My question is how can I improve the performance of the connection AB?
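The Send-Q check described in the question can be automated by comparing two netstat snapshots. This is an added example, not part of the original post: the function names and the sample `netstat -tn` output are constructed, and it assumes that a non-zero Send-Q that is identical in both snapshots means the connection is not draining.

```python
"""Flag TCP connections whose Send-Q is non-zero and unchanged between
two `netstat -tn` snapshots. Function names and sample data are
constructed for illustration."""

def parse_netstat(text):
    """Map (local, remote) -> (recv_q, send_q, state) for each tcp line."""
    socks = {}
    for line in text.splitlines():
        f = line.split()
        # Columns: Proto Recv-Q Send-Q Local-Address Foreign-Address State
        if (len(f) >= 6 and f[0].startswith("tcp")
                and f[1].isdigit() and f[2].isdigit()):
            socks[(f[3], f[4])] = (int(f[1]), int(f[2]), f[5])
    return socks

def stalled(before, after):
    """Established connections with the same non-zero Send-Q in both."""
    first, second = parse_netstat(before), parse_netstat(after)
    hits = []
    for key, (_, send_q, state) in first.items():
        if state != "ESTABLISHED" or send_q == 0:
            continue
        # A connection missing from the second snapshot was closed,
        # so it is not reported as stalled.
        if key in second and second[key][1] == send_q:
            hits.append((key[0], key[1], send_q))
    return sorted(hits)

# Constructed snapshots, taken one second apart on the sending host.
SNAP_T0 = """\
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0  43440 192.0.2.10:8080         192.0.2.20:51514        ESTABLISHED
tcp        0   2896 192.0.2.10:8080         192.0.2.21:40022        ESTABLISHED
tcp        0      0 192.0.2.10:22           192.0.2.30:50122        ESTABLISHED
"""
SNAP_T1 = """\
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0  43440 192.0.2.10:8080         192.0.2.20:51514        ESTABLISHED
tcp        0      0 192.0.2.10:8080         192.0.2.21:40022        ESTABLISHED
tcp        0      0 192.0.2.10:22           192.0.2.30:50122        ESTABLISHED
"""

if __name__ == "__main__":
    for local, remote, queued in stalled(SNAP_T0, SNAP_T1):
        print(f"{local} -> {remote}: Send-Q stuck at {queued} bytes")
```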
How can I force all currently open sockets in linux to close from the command line?
Maybe it's easier to shut down a specific interface, for example:
# ifconfig eth0 down
To flush all your rules in the filter table:
iptables -F
Set the default behavior to drop in the INPUT chain:
iptables -P INPUT DROP
At this point all local sockets should be unavailable to a remote host. If you have a Red Hat based OS you should also use iptables -X to get rid of their custom chain for INPUT.
If you want the rules to remain on startup then you need to either include these in a script that runs in the /etc/rc.local file or use iptables save.
This is all assuming that what you said you want to do is what you want to do.